Term of the Day

Shovelware is a derogatory term used for software that has either been quickly developed without regard to quality or function and features, or software that has been forced on customers such as those that are preloaded on laptops or smartphones by their respective carriers.
Read more

Gaining the trust of online customers is vital for the success of any company that transfers sensitive data over the Web. When shopping online, consumers are concerned about identity theft and are therefore wary of providing untrusted sources with their personal information, especially their credit card details. Other types of online businesses require different but equally sensitive information. People are reluctant to provide their national insurance numbers, passwords, or other confidential personal information, or sometimes even just name, address, and phone number. Perhaps the information will be intercepted in transit, they fear, or perhaps the destination itself is manned by imposters with ill intent. The result is an abandoned transaction.

This paper will show how code signing works, how attacks can be mounted against unsigned software, (including autoupdate software), and how real-world signing systems protect software vendors, enterprises and end users.

This guide will show you how Code Signing Certificates are used to secure code that can be downloaded from the Internet. You will also learn how these certificates operate with different software platforms.

Online visitors are becoming more and more wary about transacting online. One way to provide reassurance that your Web site is reputable and safe is to implement the latest SSL encryption technology on your site. Read this guide to learn about the latest in SSL.

Learn about governmental standards and regulations, such as HIPAA and Sarbanes-Oxley, covering data protection and privacy. Then, learn how your enterprise can be compliant utilizing the latest encryption technologies.

The efficacy of code signing as an authentication mechanism for software depends on the secure storage of code signing private keys used by software publishers. Companies that are diligent and willing to invest in the appropriate security measures can make the compromise of their private keys highly unlikely. This white paper describes recent security breaches and why they may have happened, along with best practices, especially for the Windows platform, which can help to safeguard the private keys associated with code signing certificates.

The explosive growth of the mobile apps market presents a tremendous opportunity for software developers and cybercriminals alike. Infected apps are not only a threat to mobile device users, but also to network and platform providers, device manufacturers, and the reputation of the industry as a whole. Fortunately, developers can protect their code – and their customers – with a straightforward and easy-to-manage technology: code signing certificates. This white paper details the rise of mobile applications and why code signing certificates are essential to protecting the entire mobile apps ecosystem.

The explosive growth of the mobile apps market presents a tremendous opportunity for software developers and cybercriminals alike. Infected apps are not only a threat to mobile device users, but also to network and platform providers, device manufacturers, and the reputation of the industry as a whole. Fortunately, developers can protect their code – and their customers – with a straightforward and easy-to-manage technology: code signing certificates. This white paper details the rise of mobile applications and why code signing certificates are essential to protecting the entire mobile apps ecosystem.

"For years, developers have known that one of the best ways to reassure users is by signing code using a digital signature accessed via a private key issued by a respected certificate authority. But signed code is not invulnerable. Due to lax key security and vetting processes, malware has managed to infiltrate applications with signed code.
Extended Validation (EV) Code Signing Certificates help to halt malware infiltration by requiring a rigorous vetting process and helping ensure that private key security cannot be compromised. EV certificates require a hard token and associated PIN in order to sign code, introducing a more secure physical factor of authentication to the signing process. The EV Code Signing process provides browsers, operating systems, and security software an additional source of confidence in applications signed with an EV certificate.
Read the white paper, Protect Your Applications—and Reputation—with Symantec EV Code Signing, to learn:
• Key background on the latest malware threats
• How you can provide users with reassurance that your application is safe to download
• Why EV Code Signing Certificates represent the next step in advanced website security and their effectiveness
• How you can help provide a frictionless experience when users attempt to download your application
"

Android is on the rise. Unfortunately, popularity can also bring unwanted attention. While Android fans love the fact that it is an open development platform that offers developers the ability to build extremely rich and innovative applications, the same open nature of the Android platform is what makes it so attractive to malware creators. It’s high time for Android developers to increase their awareness of the pitfalls awaiting their users. This white paper focuses on the value of secure code signing practices for building more secure Android apps.

Android is on the rise. Unfortunately, popularity can also bring unwanted attention. While Android fans love the fact that it is an open development platform that offers developers the ability to build extremely rich and innovative applications, the same open nature of the Android platform is what makes it so attractive to malware creators. It’s high time for Android developers to increase their awareness of the pitfalls awaiting their users. This white paper focuses on the value of secure code signing practices for building more secure Android apps.

For years, developers have known that one of the best ways to reassure users is by signing code using a digital signature accessed via a private key issued by a respected certificate authority. But signed code is not invulnerable. Due to lax key security and vetting processes, malware has managed to infiltrate applications with signed code.
Read the white paper, Protect Your Applications—and Reputation—with Symantec EV Code Signing, to learn:
• Key background on the latest malware threats
• How you can provide users with reassurance that your application is safe to download
• Why EV Code Signing Certificates represent the next step in advanced website security and their effectiveness
• How you can help provide a frictionless experience when users attempt to download your application

The explosive growth of the mobile apps market presents a tremendous opportunity for software developers and cybercriminals alike. Infected apps are not only a threat to mobile device users, but also to network and platform providers, device manufacturers, and the reputation of the industry as a whole. Fortunately, developers can protect their code – and their customers – with a straightforward and easy-to-manage technology: code signing certificates. This white paper details the rise of mobile applications and why code signing certificates are essential to protecting the entire mobile apps ecosystem.

The efficacy of code signing as an authentication mechanism for software depends on the secure storage of code signing private keys used by software publishers. Companies that are diligent and willing to invest in the appropriate security measures can make the compromise of their private keys highly unlikely. This white paper describes recent security breaches and why they may have happened, along with best practices, especially for the Windows platform, which can help to safeguard the private keys associated with code signing certificates.

Certificates are for more than just Web servers - and code-signing certificates in particular can make your enterprise more secure, make your software more accepted, and even stop malware in its tracks.

Certificates are for more than just Web servers - and code-signing certificates in particular can make your enterprise more secure, make your software more accepted, and even stop malware in its tracks. Learn about the many ways in which code-signing certificates are being used to create more secure, more trustworthy, and more accepted software in a variety of different scenarios.

This guide will show you how Code Signing Certificates are used to secure code that can be downloaded from the Internet. You will also learn how these certificates operate with different software platforms.

Android is on the rise. In a 2011 study, Distimo found that the Android Market (now known as Google Play) eclipsed the Apple App Store in terms of free apps, with 134,342 apps compared to Apple's 121,845.